Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/5QjLb26gBZotApZA2t1i1VRwubI.roa
File: 5QjLb26gBZotApZA2t1i1VRwubI.roa (raw, json)
Hash identifier: zTU7juMWz5cUyYNWEv/rE4zllS2YjFNReIZ988b/v+k=
Subject key identifier: E5:08:CB:6F:6E:A0:05:9A:2D:02:96:40:DA:DD:62:D5:54:70:B9:B2
Certificate issuer: /CN=8f8b15d34c08b5f1fcff4f9e74c95bc76a0b6abe
Certificate serial: 01856F1DBB2802BA7B8835340A297C288017
Authority key identifier: 8F:8B:15:D3:4C:08:B5:F1:FC:FF:4F:9E:74:C9:5B:C7:6A:0B:6A:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j4sV00wItfH8_0-edMlbx2oLar4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/5QjLb26gBZotApZA2t1i1VRwubI.roa
Signing time: Sun 01 Jan 2023 20:54:57 +0000
ROA not before: Sun 01 Jan 2023 20:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204790
IP address blocks: 2a11:b180::/29 maxlen: 29
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:bb:28:02:ba:7b:88:35:34:0a:29:7c:28:80:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8b15d34c08b5f1fcff4f9e74c95bc76a0b6abe
Validity
Not Before: Jan 1 20:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e508cb6f6ea0059a2d029640dadd62d55470b9b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:9c:c5:14:e8:47:9c:01:60:30:c6:a9:40:09:
83:77:26:18:cc:09:3c:25:c2:64:58:b7:75:14:43:
8b:cb:30:16:ff:5f:33:ca:e4:32:02:55:2d:2c:b2:
ab:af:1b:d6:98:63:69:93:25:22:0f:8b:14:ac:84:
a0:f3:89:d4:e3:cf:12:80:a5:03:56:07:6f:01:8d:
22:ae:71:78:12:98:12:e0:f0:7e:87:e1:fd:a0:8a:
d3:7b:4d:de:11:be:f0:14:f7:33:f7:5b:cc:69:f3:
1b:19:b5:b3:d2:5d:9b:6a:40:e8:63:06:d1:b9:ce:
69:79:aa:97:21:a5:7c:8f:67:d5:e3:db:ee:43:72:
ea:d5:29:ef:43:71:19:8f:c3:4c:88:62:da:9c:31:
b3:15:ae:87:2c:a5:94:98:d3:d4:e3:f3:1e:47:56:
1b:cd:46:1e:a1:11:3d:2c:72:d6:5b:71:46:f8:32:
98:8b:d6:7b:fd:5d:03:0c:8b:d4:24:04:b7:72:25:
33:9a:5b:e7:c4:ca:53:bd:a7:c5:62:92:5e:48:5b:
67:89:ad:21:12:55:cb:80:e0:b9:14:fa:e2:ea:28:
c7:6d:ab:88:8c:fe:da:e7:d2:7c:55:df:2f:46:53:
7a:7d:bc:6d:0c:df:e8:f6:38:9d:df:54:fa:bd:d8:
29:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:08:CB:6F:6E:A0:05:9A:2D:02:96:40:DA:DD:62:D5:54:70:B9:B2
X509v3 Authority Key Identifier:
keyid:8F:8B:15:D3:4C:08:B5:F1:FC:FF:4F:9E:74:C9:5B:C7:6A:0B:6A:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j4sV00wItfH8_0-edMlbx2oLar4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/5QjLb26gBZotApZA2t1i1VRwubI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/78c103-89da-4b84-8f34-aeb6d2cf2de2/1/j4sV00wItfH8_0-edMlbx2oLar4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:b180::/29
Signature Algorithm: sha256WithRSAEncryption
71:c9:10:d0:51:76:83:67:8f:79:51:4e:9e:95:4f:de:4c:45:
25:0a:99:6a:2b:33:d9:0f:db:0c:d0:55:97:a1:9e:04:8e:0b:
a0:0f:94:58:33:82:85:c5:73:90:0a:e3:96:62:4d:7e:f6:ff:
7c:66:fb:4d:be:ce:4d:de:78:36:3c:4b:1a:8a:ca:e3:4d:17:
64:f5:b6:02:62:0a:34:0d:33:6d:80:44:59:6b:6a:01:2c:46:
e6:9f:31:20:62:20:01:76:29:90:51:39:95:7d:1e:74:97:bc:
27:78:52:ff:be:cc:01:46:af:0a:ba:83:55:c1:4c:17:20:9e:
0e:ef:2e:5e:66:d7:44:18:37:95:c6:bd:9d:62:c9:24:da:b5:
77:f0:41:2f:c5:6d:f5:bb:66:94:95:89:01:5b:fc:b2:55:0f:
30:ae:22:b6:78:de:44:cc:64:23:06:be:0d:c7:af:23:1e:92:
7f:55:2a:19:a6:98:51:12:4a:07:4a:5b:c3:9b:7d:d8:89:bf:
51:d9:66:a0:de:d4:c0:7e:dc:d9:53:84:ff:74:6c:c5:fb:9b:
6b:61:c0:a2:ce:18:3e:5c:d9:bf:ac:b0:10:a9:e8:9a:52:2f:
ba:85:5a:d4:c8:2a:44:a1:4a:f9:bf:3b:b9:30:cc:3c:62:44:
db:eb:a4:14
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVvHbsoArp7iDU0Cil8KIAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOGIxNWQzNGMwOGI1ZjFmY2ZmNGY5ZTc0Yzk1YmM3NmEw
YjZhYmUwHhcNMjMwMTAxMjA1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTA4Y2I2ZjZlYTAwNTlhMmQwMjk2NDBkYWRkNjJkNTU0NzBiOWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5zFFOhHnAFgMMapQAmDdyYYzAk8
JcJkWLd1FEOLyzAW/18zyuQyAlUtLLKrrxvWmGNpkyUiD4sUrISg84nU488SgKUD
VgdvAY0irnF4EpgS4PB+h+H9oIrTe03eEb7wFPcz91vMafMbGbWz0l2bakDoYwbR
uc5peaqXIaV8j2fV49vuQ3Lq1SnvQ3EZj8NMiGLanDGzFa6HLKWUmNPU4/MeR1Yb
zUYeoRE9LHLWW3FG+DKYi9Z7/V0DDIvUJAS3ciUzmlvnxMpTvafFYpJeSFtnia0h
ElXLgOC5FPri6ijHbauIjP7a59J8Vd8vRlN6fbxtDN/o9jid31T6vdgpVwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFOUIy29uoAWaLQKWQNrdYtVUcLmyMB8GA1UdIwQY
MBaAFI+LFdNMCLXx/P9PnnTJW8dqC2q+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajRzVjAwd0l0Zkg4XzAtZWRNbGJ4Mm9MYXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83OGMxMDMtODlkYS00Yjg0LThmMzQt
YWViNmQyY2YyZGUyLzEvNVFqTGIyNmdCWm90QXBaQTJ0MWkxVlJ3dWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83OGMxMDMtODlkYS00Yjg0LThmMzQtYWViNmQyY2YyZGUy
LzEvajRzVjAwd0l0Zkg4XzAtZWRNbGJ4Mm9MYXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhGxgDAN
BgkqhkiG9w0BAQsFAAOCAQEAcckQ0FF2g2ePeVFOnpVP3kxFJQqZaisz2Q/bDNBV
l6GeBI4LoA+UWDOChcVzkArjlmJNfvb/fGb7Tb7OTd54NjxLGorK400XZPW2AmIK
NA0zbYBEWWtqASxG5p8xIGIgAXYpkFE5lX0edJe8J3hS/77MAUavCrqDVcFMFyCe
Du8uXmbXRBg3lca9nWLJJNq1d/BBL8Vt9btmlJWJAVv8slUPMK4itnjeRMxkIwa+
DcevIx6Sf1UqGaaYURJKB0pbw5t92Im/UdlmoN7UwH7c2VOE/3Rsxfuba2HAos4Y
PlzZv6ywEKnomlIvuoVa1MgqRKFK+b87uTDMPGJE2+ukFA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:17 2023 by rpki-client on console-ams.rpki-client.org